Security, Quality Assurance, And Red Hat Network; Before You Begin - Red Hat NETWORK SATELLITE 5.1.1 Reference Manual

• Filtered list of package updates (packages not relevant to your network are not included)
• Reliable method of managing multiple systems with similar configurations

1.6. Security, Quality Assurance, and Red Hat Network

Red Hat Network provides significant benefits to your network, including security and quality
assurance. All transactions made between your systems and Red Hat Network are encrypted and all
RPM packages are signed with Red Hat's GNU Privacy Guard (GPG) signature to ensure authenticity.
Red Hat Network incorporates the following security measures:
1. Your System Profile, available at http://rhn.redhat.com, is accessible only with an RHN-verified
username and password.
2. A Digital Certificate is written to the client system after registration and is used to authenticate the
system during each transaction between the client and Red Hat Network. The file is only readable
by the root user on the client system.
3. Red Hat signs all communications with an electronic signature using GPG. RPM can be used to
verify the authenticity of the package before it is installed.
4. Red Hat encrypts all transactions using a Secure Sockets Layer (SSL) connection.
5. The Red Hat Quality Assurance Team tests and verifies all packages before they are added to the
Red Hat Errata list and Red Hat Network.

1.7. Before You Begin

By default, all software packages necessary to access Red Hat Network are installed with Red
Hat Enterprise Linux distributions. However, if you chose not to install them during the installation
process, you must obtain the Red Hat Update Agent (up2date) and possibly the Red Hat Network
Registration Client (rhn_register). In Red Hat Enterprise Linux 3 and later, registration
functionality is built into the Red Hat Update Agent, while Red Hat Enterprise Linux 2.1 users will
need the Red Hat Network Registration Client.
Warning
The SSL certificate packaged with older versions of the Red Hat Update Agent
and the Red Hat Network Registration Client reached its end of life August 28,
2003. Users attempting to connect using this certificate will receive SSL connection
or certificate verification errors. You may view and obtain the versions of these
applications containing new certificates at the
website, click Help at the top-right corner, Get RHN Software in the left navigation bar,
and scroll down to examine the packages and versions.
To determine the versions of the client applications installed, run the rpm -q command followed by
the package name. For instance, for the Red Hat Network Registration Client, type the following
command:
rpm -q rhn_register
Security, Quality Assurance, and Red Hat Network
RHN Client Software
2
page. In the RHN
5